////////////////////////////////////////////////////////////////////////////////
//
//  Copyright (c) 2010 Leon Coto Rodriguez
//  leoncoto@gmail.com
//  
//  Permission is hereby granted, free of charge, to any person
//  obtaining a copy of this software and associated documentation
//  files (the "Software"), to deal in the Software without
//  restriction, including without limitation the rights to use,
//  copy, modify, merge, publish, distribute, sublicense, and/or sell
//  copies of the Software, and to permit persons to whom the
//  Software is furnished to do so, subject to the following
//  conditions:
//  
//   The above copyright notice and this permission notice shall be
//   included in all copies or substantial portions of the Software.
//  
//  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
//  EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
//  OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
//  NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
//  HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
//  WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
//  FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
//  OTHER DEALINGS IN THE SOFTWARE.
//
////////////////////////////////////////////////////////////////////////////////

package org.flexspeedup.services
{
import mx.rpc.AsyncToken;

/**
 * Implementing this interface means that a service is capable of authenticating 
 * users.
 * 
 * @langversion 3.0
 * @playerversion Flash 9
 * @playerversion AIR 1.1
 * @productversion Flex 3
 */
public interface IUserService extends ICollectionService
{

    /**
     * Authenticates that a particular user is a registered user.
     * 
     * @param userName The user name the service will attempt to authenticate
     * 
     * @param hash A secure representation of the user's password. 
     * <p>the <code>hash</code> id built in the following way:
     * <p><code>SHA1(password . secretKey . nonce)</code>
     * <p>Where:
     * 
     * <p><code>password</code>: MD5 string representation of the user's inputed 
     * password (that's it, not the final hash passed to the server).
     * 
     * <p><code>secretKey</code>: key that both the client and the backend must 
     * share.
     * 
     * <p><code>nonce</code>: random string generated by the client and passed 
     * to the server.
     * 
     * @param nonce random string generated by the client and passed to 
     * the server. The nonce MUST be the same one used when building the 
     * <code>hash</code> parameter.
     * 
     * @return AsyncToken Call using the asynchronous completion token pattern.
     * The same object is available in the <code>result</code> and
     * <code>fault</code> events from the <code>token</code> property.
     */
    function authenticateUser(userName:String, hash:String, nonce:String):AsyncToken
}
}